{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,19]],"date-time":"2025-11-19T06:59:25Z","timestamp":1763535565828,"version":"3.37.3"},"reference-count":79,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2018,8,17]],"date-time":"2018-08-17T00:00:00Z","timestamp":1534464000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100007601","name":"Horizon 2020","doi-asserted-by":"publisher","award":["644962"],"award-info":[{"award-number":["644962"]}],"id":[{"id":"10.13039\/501100007601","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2019,6]]},"DOI":"10.1007\/s10623-018-0535-9","type":"journal-article","created":{"date-parts":[[2018,8,16]],"date-time":"2018-08-16T23:52:27Z","timestamp":1534463547000},"page":"1373-1413","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["Key-homomorphic signatures: definitions and applications to multiparty signatures and non-interactive zero-knowledge"],"prefix":"10.1007","volume":"87","author":[{"given":"David","family":"Derler","sequence":"first","affiliation":[]},{"given":"Daniel","family":"Slamanig","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,8,17]]},"reference":[{"key":"535_CR1","doi-asserted-by":"publisher","unstructured":"Abe M., David B., Kohlweiss M., Nishimaki R., Ohkubo M.: Tagged one-time signatures: tight security and optimal tag size. In: PKC, pp. 312\u2013331 (2013). \n https:\/\/doi.org\/10.1007\/978-3-642-36362-7_20\n \n .","DOI":"10.1007\/978-3-642-36362-7_20"},{"key":"535_CR2","doi-asserted-by":"crossref","unstructured":"Abe M., Fuchsbauer G., Groth J., Haralambiev K., Ohkubo M.: Structure-preserving signatures and commitments to group elements. In: CRYPTO (2010).","DOI":"10.1007\/978-3-642-14623-7_12"},{"key":"535_CR3","doi-asserted-by":"crossref","unstructured":"Abe M., Groth J., Ohkubo M., Tibouchi M.: Structure-preserving signatures from type II pairings. In: Advances in Cryptology\u2014CRYPTO 2014, pp. 390\u2013407 (2014).","DOI":"10.1007\/978-3-662-44371-2_22"},{"key":"535_CR4","doi-asserted-by":"publisher","unstructured":"Ahn J.H., Boneh D., Camenisch J., Hohenberger S., Shelat A., Waters B.: Computing on authenticated data. In: TCC (2012). \n https:\/\/doi.org\/10.1007\/978-3-642-28914-9_1\n \n .","DOI":"10.1007\/978-3-642-28914-9_1"},{"key":"535_CR5","unstructured":"Applebaum B., Harnik D., Ishai Y.: Semantic security under related-key attacks and applications. In: ICS (2011)."},{"key":"535_CR6","doi-asserted-by":"publisher","unstructured":"Attrapadung N., Libert B., Peters T.: Computing on authenticated data: new privacy definitions and constructions. In: ASIACRYPT (2012). \n https:\/\/doi.org\/10.1007\/978-3-642-34961-4_23\n \n .","DOI":"10.1007\/978-3-642-34961-4_23"},{"key":"535_CR7","doi-asserted-by":"publisher","unstructured":"Bader C., Jager T., Li Y., Sch\u00e4ge S.: On the impossibility of tight cryptographic reductions. In: EUROCRYPT (2016). \n https:\/\/doi.org\/10.1007\/978-3-662-49896-5_10\n \n .","DOI":"10.1007\/978-3-662-49896-5_10"},{"key":"535_CR8","doi-asserted-by":"publisher","unstructured":"Bagherzandi A., Jarecki S.: Multisignatures using proofs of secret key possession, as secure as the diffie-hellman problem. In: SCN (2008). \n https:\/\/doi.org\/10.1007\/978-3-540-85855-3_15\n \n .","DOI":"10.1007\/978-3-540-85855-3_15"},{"key":"535_CR9","doi-asserted-by":"publisher","unstructured":"Banerjee A., Fuchsbauer G., Peikert C., Pietrzak K., Stevens S.: Key-homomorphic constrained pseudorandom functions. In: TCC (2015). \n https:\/\/doi.org\/10.1007\/978-3-662-46497-7_2\n \n .","DOI":"10.1007\/978-3-662-46497-7_2"},{"key":"535_CR10","doi-asserted-by":"publisher","unstructured":"Banerjee A., Peikert C.: New and improved key-homomorphic pseudorandom functions. In: CRYPTO (2014). \n https:\/\/doi.org\/10.1007\/978-3-662-44371-2_20\n \n .","DOI":"10.1007\/978-3-662-44371-2_20"},{"key":"535_CR11","doi-asserted-by":"publisher","unstructured":"Bellare M., Cash D., Miller R.: Cryptography secure against related-key attacks and tampering. In: ASIACRYPT (2011). \n https:\/\/doi.org\/10.1007\/978-3-642-25385-0_26\n \n .","DOI":"10.1007\/978-3-642-25385-0_26"},{"key":"535_CR12","doi-asserted-by":"publisher","unstructured":"Bellare M., Paterson K.G., Thomson S.: RKA security beyond the linear barrier: Ibe, encryption and signatures. In: ASIACRYPT (2012). \n https:\/\/doi.org\/10.1007\/978-3-642-34961-4_21\n \n .","DOI":"10.1007\/978-3-642-34961-4_21"},{"key":"535_CR13","doi-asserted-by":"publisher","unstructured":"Bender A., Katz J., Morselli R.: Ring signatures: stronger definitions, and constructions without random oracles. J. Cryptol. (2009). \n https:\/\/doi.org\/10.1007\/s00145-007-9011-9\n \n .","DOI":"10.1007\/s00145-007-9011-9"},{"key":"535_CR14","volume-title":"CCA-secure inner-product functional encryption from projective hash functions, PKC","author":"F Benhamouda","year":"2017","unstructured":"Benhamouda F., Bourse F., Lipmaa H.: CCA-secure inner-product functional encryption from projective hash functions, PKC. Springer, New York (2017)."},{"key":"535_CR15","doi-asserted-by":"publisher","unstructured":"Benhamouda F., Joye M., Libert B.: A new framework for privacy-preserving aggregation of time-series data. ACM Trans. Inf. Syst. Secur. (2016). \n https:\/\/doi.org\/10.1145\/2873069\n \n .","DOI":"10.1145\/2873069"},{"key":"535_CR16","doi-asserted-by":"publisher","unstructured":"Bernhard D., Fuchsbauer G., Ghadafi E.: Efficient signatures of knowledge and DAA in the standard model. In: ACNS (2013). \n https:\/\/doi.org\/10.1007\/978-3-642-38980-1_33\n \n .","DOI":"10.1007\/978-3-642-38980-1_33"},{"key":"535_CR17","unstructured":"Bernstein D.J.: Multi-user schnorr security, revisited. IACR Cryptology ePrint Archive (2015)."},{"key":"535_CR18","doi-asserted-by":"publisher","unstructured":"Boldyreva A.: Threshold signatures, multisignatures and blind signatures based on the gap-diffie-hellman-group signature scheme. In: PKC (2003). \n https:\/\/doi.org\/10.1007\/3-540-36288-6_3\n \n .","DOI":"10.1007\/3-540-36288-6_3"},{"key":"535_CR19","doi-asserted-by":"publisher","unstructured":"Boneh D., Gentry C., Gorbunov S., Halevi S., Nikolaenko V., Segev G., Vaikuntanathan V., Vinayagamurthy D.: Fully key-homomorphic encryption, arithmetic circuit ABE and compact garbled circuits. In: EUROCRYPT (2014). \n https:\/\/doi.org\/10.1007\/978-3-642-55220-5_30\n \n .","DOI":"10.1007\/978-3-642-55220-5_30"},{"key":"535_CR20","doi-asserted-by":"publisher","unstructured":"Boneh D., Gentry C., Lynn B., Shacham H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: EUROCRYPT (2003). \n https:\/\/doi.org\/10.1007\/3-540-39200-9_26\n \n .","DOI":"10.1007\/3-540-39200-9_26"},{"key":"535_CR21","doi-asserted-by":"publisher","unstructured":"Boneh D., Lewi K., Montgomery H.W., Raghunathan A.: Key homomorphic PRFs and their applications. In: CRYPTO (2013). \n https:\/\/doi.org\/10.1007\/978-3-642-40041-4_23\n \n .","DOI":"10.1007\/978-3-642-40041-4_23"},{"key":"535_CR22","doi-asserted-by":"publisher","unstructured":"Boneh D., Lynn B., Shacham H.: Short signatures from the Weil pairing. J. Cryptol. (2004). \n https:\/\/doi.org\/10.1007\/s00145-004-0314-9\n \n .","DOI":"10.1007\/s00145-004-0314-9"},{"key":"535_CR23","doi-asserted-by":"publisher","unstructured":"Bootle J., Cerulli A., Chaidos P., Ghadafi E., Groth J., Petit C.: Short accountable ring signatures based on DDH. In: ESORICS (2015). \n https:\/\/doi.org\/10.1007\/978-3-319-24174-6_13\n \n .","DOI":"10.1007\/978-3-319-24174-6_13"},{"key":"535_CR24","unstructured":"Boyen X., Fan X., Shi E.: Adaptively secure fully homomorphic signatures based on lattices. Cryptology ePrint Archive, Report 2014\/916 (2014)."},{"key":"535_CR25","unstructured":"Brakerski Z., Kalai Y.T.: A framework for efficient signatures, ring signatures and identity based encryption in the standard model. IACR Cryptology ePrint Archive (2010)."},{"key":"535_CR26","doi-asserted-by":"publisher","unstructured":"Catalano D.: Homomorphic signatures and message authentication codes. In: SCN (2014). \n https:\/\/doi.org\/10.1007\/978-3-319-10879-7_29\n \n .","DOI":"10.1007\/978-3-319-10879-7_29"},{"key":"535_CR27","doi-asserted-by":"publisher","unstructured":"Chandran N., Groth J., Sahai A.: Ring signatures of sub-linear size without random oracles. In: ICALP (2007). \n https:\/\/doi.org\/10.1007\/978-3-540-73420-8_38\n \n .","DOI":"10.1007\/978-3-540-73420-8_38"},{"key":"535_CR28","doi-asserted-by":"publisher","unstructured":"Chase M., Lysyanskaya A.: On signatures of knowledge. In: CRYPTO (2006). \n https:\/\/doi.org\/10.1007\/11818175_5\n \n .","DOI":"10.1007\/11818175_5"},{"key":"535_CR29","doi-asserted-by":"publisher","unstructured":"Chatterjee S., Hankerson D., Knapp E., Menezes A.: Comparing two pairing-based aggregate signature schemes. Des. Codes Cryptogr. (2010). \n https:\/\/doi.org\/10.1007\/s10623-009-9334-7\n \n .","DOI":"10.1007\/s10623-009-9334-7"},{"key":"535_CR30","doi-asserted-by":"publisher","unstructured":"Cramer R., Damg\u00e5rd I., Schoenmakers B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: CRYPTO (1994). \n https:\/\/doi.org\/10.1007\/3-540-48658-5_19\n \n .","DOI":"10.1007\/3-540-48658-5_19"},{"key":"535_CR31","doi-asserted-by":"crossref","unstructured":"Derler D., Krenn S., Slamanig D.: Signer-anonymous designated-verifier redactable signatures for cloud-based data sharing. In: CANS (2016).","DOI":"10.1007\/978-3-319-48965-0_13"},{"key":"535_CR32","doi-asserted-by":"publisher","unstructured":"Dodis Y., Haralambiev K., L\u00f3pez-Alt A., Wichs D.: Efficient public-key cryptography in the presence of key leakage. In: ASIACRYPT, pp. 613\u2013631 (2010). \n https:\/\/doi.org\/10.1007\/978-3-642-17373-8_35\n \n .","DOI":"10.1007\/978-3-642-17373-8_35"},{"key":"535_CR33","doi-asserted-by":"publisher","unstructured":"Dodis Y., Kiayias A., Nicolosi A., Shoup V.: Anonymous identification in ad hoc groups. In: EUROCRYPT (2004). \n https:\/\/doi.org\/10.1007\/978-3-540-24676-3_36\n \n .","DOI":"10.1007\/978-3-540-24676-3_36"},{"key":"535_CR34","doi-asserted-by":"publisher","unstructured":"Dodis Y., Mironov I., Stephens-Davidowitz N.: Message transmission with reverse firewalls\u2014secure communication on corrupted machines. In: CRYPTO (2016). \n https:\/\/doi.org\/10.1007\/978-3-662-53018-4_13\n \n .","DOI":"10.1007\/978-3-662-53018-4_13"},{"key":"535_CR35","doi-asserted-by":"crossref","unstructured":"Escala A., Groth J.: Fine-tuning groth-sahai proofs. In: PKC (2014).","DOI":"10.1007\/978-3-642-54631-0_36"},{"key":"535_CR36","doi-asserted-by":"publisher","unstructured":"Fiat A., Shamir A.: How to prove yourself: Practical solutions to identification and signature problems. In: CRYPTO (1986). \n https:\/\/doi.org\/10.1007\/3-540-47721-7_12\n \n .","DOI":"10.1007\/3-540-47721-7_12"},{"key":"535_CR37","doi-asserted-by":"publisher","unstructured":"Fischlin M., Fleischhacker N.: Limitations of the meta-reduction technique: the case of schnorr signatures. In: EUROCRYPT (2013). \n https:\/\/doi.org\/10.1007\/978-3-642-38348-9_27\n \n .","DOI":"10.1007\/978-3-642-38348-9_27"},{"key":"535_CR38","doi-asserted-by":"publisher","unstructured":"Fleischhacker N., Krupp J., Malavolta G., Schneider J., Schr\u00f6der D., Simkin M.: Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. In: PKC (2016). \n https:\/\/doi.org\/10.1007\/978-3-662-49384-7_12\n \n .","DOI":"10.1007\/978-3-662-49384-7_12"},{"key":"535_CR39","doi-asserted-by":"publisher","unstructured":"Fuchsbauer G., Hanser C., Slamanig D.: Practical round-optimal blind signatures in the standard model. In: CRYPTO (2015). \n https:\/\/doi.org\/10.1007\/978-3-662-48000-7_12\n \n .","DOI":"10.1007\/978-3-662-48000-7_12"},{"key":"535_CR40","doi-asserted-by":"publisher","unstructured":"Galbraith S.D., Malone-Lee J., Smart N.P.: Public key signatures in the multi-user setting. Inf. Process. Lett. (2002). \n https:\/\/doi.org\/10.1016\/S0020-0190(01)00338-6\n \n .","DOI":"10.1016\/S0020-0190(01)00338-6"},{"key":"535_CR41","doi-asserted-by":"publisher","unstructured":"Garay J.A., MacKenzie P.D., Yang K.: Strengthening zero-knowledge protocols using signatures. In: EUROCRYPT (2003). \n https:\/\/doi.org\/10.1007\/3-540-39200-9_11\n \n .","DOI":"10.1007\/3-540-39200-9_11"},{"key":"535_CR42","doi-asserted-by":"publisher","unstructured":"Garay J.A., MacKenzie P.D., Yang K.: Strengthening zero-knowledge protocols using signatures. J. Cryptol. (2006). \n https:\/\/doi.org\/10.1007\/s00145-005-0307-3\n \n .","DOI":"10.1007\/s00145-005-0307-3"},{"key":"535_CR43","doi-asserted-by":"publisher","unstructured":"Gay R., Hofheinz D., Kiltz E., Wee H.: Tightly cca-secure encryption without pairings. In: EUROCRYPT (2016). \n https:\/\/doi.org\/10.1007\/978-3-662-49890-3_1\n \n .","DOI":"10.1007\/978-3-662-49890-3_1"},{"key":"535_CR44","doi-asserted-by":"crossref","unstructured":"Gentry C.: Fully homomorphic encryption using ideal lattices. In: STOC (2009).","DOI":"10.1145\/1536414.1536440"},{"key":"535_CR45","doi-asserted-by":"crossref","unstructured":"Gentry C., Peikert C., Vaikuntanathan V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC, pp. 197\u2013206 (2008).","DOI":"10.1145\/1374376.1374407"},{"key":"535_CR46","doi-asserted-by":"publisher","unstructured":"Ghadafi E.: Short structure-preserving signatures. In: CT-RSA 2016, pp. 305\u2013321 (2016). \n https:\/\/doi.org\/10.1007\/978-3-319-29485-8_18\n \n .","DOI":"10.1007\/978-3-319-29485-8_18"},{"key":"535_CR47","doi-asserted-by":"publisher","unstructured":"Goh E., Jarecki S., Katz J., Wang N.: Efficient signature schemes with tight reductions to the diffie-hellman problems. J. Cryptol. (2007). \n https:\/\/doi.org\/10.1007\/s00145-007-0549-3\n \n .","DOI":"10.1007\/s00145-007-0549-3"},{"key":"535_CR48","doi-asserted-by":"publisher","unstructured":"Goldwasser S., Kalai Y.T.: Cryptographic assumptions: a position paper. In: Theory of Cryptography\u201413th International Conference, TCC 2016-A, Tel Aviv, Israel, January 10\u201313, 2016, Proceedings, Part I, pp. 505\u2013522 (2016). \n https:\/\/doi.org\/10.1007\/978-3-662-49096-9_21\n \n .","DOI":"10.1007\/978-3-662-49096-9_21"},{"key":"535_CR49","doi-asserted-by":"publisher","unstructured":"Goldwasser S., Lewko A.B., Wilson D.A.: Bounded-collusion IBE from key homomorphism. In: TCC (2012). \n https:\/\/doi.org\/10.1007\/978-3-642-28914-9_32\n \n .","DOI":"10.1007\/978-3-642-28914-9_32"},{"key":"535_CR50","doi-asserted-by":"publisher","unstructured":"Gorbunov S., Vaikuntanathan V., Wichs D.: Leveled fully homomorphic signatures from standard lattices. In: STOC (2015). \n https:\/\/doi.org\/10.1145\/2746539.2746576\n \n .","DOI":"10.1145\/2746539.2746576"},{"key":"535_CR51","doi-asserted-by":"publisher","unstructured":"Groth J.: Simulation-sound NIZK proofs for a practical language and constant size group signatures. In: ASIACRYPT (2006). \n https:\/\/doi.org\/10.1007\/11935230_29\n \n .","DOI":"10.1007\/11935230_29"},{"key":"535_CR52","doi-asserted-by":"publisher","unstructured":"Groth J., Kohlweiss M.: One-out-of-many proofs: or how to leak a secret and spend a coin. In: EUROCRYPT (2015). \n https:\/\/doi.org\/10.1007\/978-3-662-46803-6_9\n \n .","DOI":"10.1007\/978-3-662-46803-6_9"},{"key":"535_CR53","doi-asserted-by":"publisher","unstructured":"Groth J., Sahai A.: Efficient non-interactive proof systems for bilinear groups. In: EUROCRYPT (2008). \n https:\/\/doi.org\/10.1007\/978-3-540-78967-3_24\n \n .","DOI":"10.1007\/978-3-540-78967-3_24"},{"key":"535_CR54","doi-asserted-by":"publisher","unstructured":"Guillou L.C., Quisquater J.: A paradoxical indentity-based signature scheme resulting from zero-knowledge. In: CRYPTO, pp. 216\u2013231 (1988). \n https:\/\/doi.org\/10.1007\/0-387-34799-2_16\n \n .","DOI":"10.1007\/0-387-34799-2_16"},{"key":"535_CR55","doi-asserted-by":"publisher","unstructured":"Hanser C., Slamanig D.: Structure-preserving signatures on equivalence classes and their application to anonymous credentials. In: ASIACRYPT (2014). \n https:\/\/doi.org\/10.1007\/978-3-662-45611-8_26\n \n .","DOI":"10.1007\/978-3-662-45611-8_26"},{"key":"535_CR56","first-page":"177","volume":"71","author":"K Itakura","year":"1983","unstructured":"Itakura K., Nakamura K.: A public-key cryptosystem suitable for digital multisignatures. NEC Res. Dev. 71, 177\u2013186 (1983).","journal-title":"NEC Res. Dev."},{"key":"535_CR57","doi-asserted-by":"publisher","unstructured":"Jakobsson M., Sako K., Impagliazzo R.: Designated verifier proofs and their applications. In: EUROCRYPT (1996). \n https:\/\/doi.org\/10.1007\/3-540-68339-9_13\n \n .","DOI":"10.1007\/3-540-68339-9_13"},{"key":"535_CR58","doi-asserted-by":"publisher","unstructured":"Johnson R., Molnar D., Song D.X., Wagner D.: Homomorphic signature schemes. In: CT-RSA (2002). \n https:\/\/doi.org\/10.1007\/3-540-45760-7_17\n \n .","DOI":"10.1007\/3-540-45760-7_17"},{"key":"535_CR59","doi-asserted-by":"publisher","unstructured":"Katz J.: Digital Signatures. Springer, New York (2010). \n https:\/\/doi.org\/10.1007\/978-0-387-27712-7\n \n .","DOI":"10.1007\/978-0-387-27712-7"},{"key":"535_CR60","doi-asserted-by":"publisher","unstructured":"Katz J., Wang N.: Efficiency improvements for signature schemes with tight security reductions. In: CCS (2003). \n https:\/\/doi.org\/10.1145\/948109.948132\n \n .","DOI":"10.1145\/948109.948132"},{"key":"535_CR61","doi-asserted-by":"publisher","unstructured":"Kiltz E., Masny D., Pan J.: Optimal security proofs for signatures from identification schemes. In: CRYPTO (2016). \n https:\/\/doi.org\/10.1007\/978-3-662-53008-5_2\n \n .","DOI":"10.1007\/978-3-662-53008-5_2"},{"issue":"1","key":"535_CR62","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/s12095-017-0253-6","volume":"10","author":"M Lacharit\u00e9","year":"2018","unstructured":"Lacharit\u00e9 M.: Security of BLS and BGLS signatures in a multi-user setting. Cryptogr. Commun. 10(1), 41\u201358 (2018). \n https:\/\/doi.org\/10.1007\/s12095-017-0253-6\n \n .","journal-title":"Cryptogr. Commun."},{"key":"535_CR63","doi-asserted-by":"publisher","unstructured":"Lu S., Ostrovsky R., Sahai A., Shacham H., Waters B.: Sequential aggregate signatures and multisignatures without random oracles. In: EUROCRYPT (2006). \n https:\/\/doi.org\/10.1007\/11761679_28\n \n .","DOI":"10.1007\/11761679_28"},{"key":"535_CR64","doi-asserted-by":"publisher","unstructured":"Lyubashevsky V.: Lattice-based identification schemes secure under active attacks. In: Public Key Cryptography\u2014PKC 2008, 11th International Workshop on Practice and Theory in Public-Key Cryptography, Barcelona, Spain, March 9\u201312, 2008. Proceedings, pp. 162\u2013179 (2008). \n https:\/\/doi.org\/10.1007\/978-3-540-78440-1_10\n \n .","DOI":"10.1007\/978-3-540-78440-1_10"},{"key":"535_CR65","doi-asserted-by":"publisher","unstructured":"Malavolta G., Schr\u00f6der D.: Efficient ring signatures in the standard model. Advances in Cryptology\u2014ASIACRYPT 2017, pp. 128\u2013157 (2017). \n https:\/\/doi.org\/10.1007\/978-3-319-70697-9_5\n \n .","DOI":"10.1007\/978-3-319-70697-9_5"},{"key":"535_CR66","doi-asserted-by":"publisher","unstructured":"Menezes A., Smart N.P.: Security of signature schemes in a multi-user setting. Des. Codes Cryptogr. (2004). \n https:\/\/doi.org\/10.1023\/B:DESI.0000036250.18062.3f\n \n .","DOI":"10.1023\/B:DESI.0000036250.18062.3f"},{"key":"535_CR67","doi-asserted-by":"publisher","unstructured":"Morita H., Schuldt J.C.N., Matsuda T., Hanaoka G., Iwata T.: On the security of the schnorr signature scheme and DSA against related-key attacks. In: ICISC (2015). \n https:\/\/doi.org\/10.1007\/978-3-319-30840-1_2\n \n .","DOI":"10.1007\/978-3-319-30840-1_2"},{"key":"535_CR68","doi-asserted-by":"publisher","unstructured":"Naor M.: On cryptographic assumptions and challenges. In: Advances in Cryptology\u2014CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, August 17\u201321, 2003, Proceedings, pp. 96\u2013109 (2003). \n https:\/\/doi.org\/10.1007\/978-3-540-45146-4_6\n \n .","DOI":"10.1007\/978-3-540-45146-4_6"},{"key":"535_CR69","unstructured":"Pagnin E., Mitrokotsa A., Tanaka K.: Anonymous single-round server-aided verification. Cryptology ePrint Archive, Report 2017\/794 (2017). (to appear at Latincrypt 2017)."},{"key":"535_CR70","doi-asserted-by":"publisher","unstructured":"Pointcheval D., Sanders O.: Short randomizable signatures. In: CT-RSA (2016). \n https:\/\/doi.org\/10.1007\/978-3-319-29485-8_7\n \n .","DOI":"10.1007\/978-3-319-29485-8_7"},{"key":"535_CR71","doi-asserted-by":"publisher","unstructured":"Ristenpart T., Yilek S.: The power of proofs-of-possession: securing multiparty signatures against rogue-key attacks. In: EUROCRYPT (2007). \n https:\/\/doi.org\/10.1007\/978-3-540-72540-4_13\n \n .","DOI":"10.1007\/978-3-540-72540-4_13"},{"key":"535_CR72","doi-asserted-by":"publisher","unstructured":"Rivest R.L., Shamir A., Tauman Y.: How to leak a secret. In: ASIACRYPT (2001). \n https:\/\/doi.org\/10.1007\/3-540-45682-1_32\n \n .","DOI":"10.1007\/3-540-45682-1_32"},{"key":"535_CR73","doi-asserted-by":"publisher","unstructured":"Rothblum R.: Homomorphic encryption: from private-key to public-key. In: TCC (2011). \n https:\/\/doi.org\/10.1007\/978-3-642-19571-6_14\n \n .","DOI":"10.1007\/978-3-642-19571-6_14"},{"key":"535_CR74","doi-asserted-by":"publisher","unstructured":"Schnorr C.: Efficient signature generation by smart cards. J. Cryptol. (1991). \n https:\/\/doi.org\/10.1007\/BF00196725\n \n .","DOI":"10.1007\/BF00196725"},{"key":"535_CR75","doi-asserted-by":"publisher","unstructured":"Shahandashti S.F., Safavi-Naini R.: Construction of universal designated-verifier signatures and identity-based signatures from standard signatures. In: PKC (2008). \n https:\/\/doi.org\/10.1007\/978-3-540-78440-1_8\n \n .","DOI":"10.1007\/978-3-540-78440-1_8"},{"key":"535_CR76","doi-asserted-by":"publisher","unstructured":"Shamir A., Tauman Y.: Improved online\/offline signature schemes. In: CRYPTO, pp. 355\u2013367 (2001). \n https:\/\/doi.org\/10.1007\/3-540-44647-8_21\n \n .","DOI":"10.1007\/3-540-44647-8_21"},{"key":"535_CR77","doi-asserted-by":"publisher","unstructured":"Steinfeld R., Bull L., Wang H., Pieprzyk J.: Universal designated-verifier signatures. In: ASIACRYPT (2003). \n https:\/\/doi.org\/10.1007\/978-3-540-40061-5_33\n \n .","DOI":"10.1007\/978-3-540-40061-5_33"},{"key":"535_CR78","doi-asserted-by":"publisher","unstructured":"Tessaro S., Wilson D.A.: Bounded-collusion identity-based encryption from semantically-secure public-key encryption: generic constructions with short ciphertexts. In: PKC (2014). \n https:\/\/doi.org\/10.1007\/978-3-642-54631-0_15\n \n .","DOI":"10.1007\/978-3-642-54631-0_15"},{"key":"535_CR79","doi-asserted-by":"publisher","unstructured":"Waters B.: Efficient identity-based encryption without random oracles. In: EUROCRYPT (2005). \n https:\/\/doi.org\/10.1007\/11426639_7\n \n .","DOI":"10.1007\/11426639_7"}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-018-0535-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10623-018-0535-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-018-0535-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,21]],"date-time":"2019-09-21T03:41:51Z","timestamp":1569037311000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10623-018-0535-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,8,17]]},"references-count":79,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2019,6]]}},"alternative-id":["535"],"URL":"https:\/\/doi.org\/10.1007\/s10623-018-0535-9","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"type":"print","value":"0925-1022"},{"type":"electronic","value":"1573-7586"}],"subject":[],"published":{"date-parts":[[2018,8,17]]},"assertion":[{"value":"21 December 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"27 July 2018","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 August 2018","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"17 August 2018","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}